mirror of
https://github.com/inspec/inspec
synced 2024-11-10 15:14:23 +00:00
Removed use of wmic from security_identifier resource as it will be deprecated soon
Signed-off-by: Vasu1105 <vasundhara.jagdale@chef.io>
parent
601238ca81
commit
2100a66bef
5 changed files with 17 additions and 23 deletions
|
@ -57,14 +57,14 @@ module Inspec::Resources
|
|||
@sids = {}
|
||||
case @type
|
||||
when :group
|
||||
sid_data = wmi_results(:group)
|
||||
sid_data = cim_results(:group)
|
||||
when :user
|
||||
sid_data = wmi_results(:user)
|
||||
sid_data = cim_results(:user)
|
||||
when :unspecified
|
||||
# try group first, then user
|
||||
sid_data = wmi_results(:group)
|
||||
sid_data = cim_results(:group)
|
||||
if sid_data.empty?
|
||||
sid_data = wmi_results(:user)
|
||||
sid_data = cim_results(:user)
|
||||
end
|
||||
else
|
||||
raise "Unhandled entity type '#{@type}'"
|
||||
|
@ -72,20 +72,14 @@ module Inspec::Resources
|
|||
sid_data.each { |sid| @sids[sid[1]] = sid[2] }
|
||||
end
|
||||
|
||||
def wmi_results(type)
|
||||
query = "wmic "
|
||||
def cim_results(type)
|
||||
case type
|
||||
when :group
|
||||
query += "group"
|
||||
cmd = "Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID | Where-Object { $_.Name -eq '#{@name}' -and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 } } | ConvertTo-Csv -NoTypeInformation"
|
||||
when :user
|
||||
query += "useraccount"
|
||||
cmd = "Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq '#{@name}' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation"
|
||||
end
|
||||
query += " where 'Name=\"#{@name}\"' get Name\",\"SID /format:csv"
|
||||
# Example output:
|
||||
# inspec> command("wmic useraccount where 'Name=\"Administrator\"' get Name\",\"SID /format:csv").stdout
|
||||
# => "\r\n\r\nNode,Name,SID\r\n\r\nComputer1,Administrator,S-1-5-21-650485088-1194226989-968533923-500\r\n\r\n"
|
||||
# Remove the \r characters, split on \n\n, ignore the CSV header row
|
||||
inspec.command(query).stdout.strip.tr("\r", "").split("\n\n")[1..-1].map { |entry| entry.split(",") }
|
||||
inspec.command(cmd).stdout.strip.gsub("\"", "").tr("\r", "").split("\n")[1..-1].map { |entry| entry.split(",") }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
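Review bot: In the `:group` branch of `cim_results`, the SIDType condition is wrapped in braces, `-and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 }`, which PowerShell parses as a script block literal rather than a grouped expression; a script block is a non-null object and evaluates as true, so the filter never restricts the result to groups. That branch also drops `SIDType` in `Select-Object -Property Domain, Name, SID` before `Where-Object` runs, so the property would be empty there even with correct grouping. Use parentheses and keep the property, e.g. `Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq '...' -and ($_.SIDType -eq 4 -or $_.SIDType -eq 5) }`; otherwise a control that asks for a group's SID can be satisfied by a user account of the same name. Separately, both branches interpolate `@name` into a single-quoted PowerShell literal without escaping; doubling embedded quotes with `@name.gsub("'", "''")` keeps a name containing `'` inside the string instead of changing the command that runs on the target.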
2
test/fixtures/cmd/security-identifier-alice
vendored
2
test/fixtures/cmd/security-identifier-alice
vendored
|
@ -1,4 +1,4 @@
|
|||
Node,Name,SID
|
||||
Domain,Name,SID
|
||||
|
||||
|
||||
Computer1,Alice,S-1-5-21-1601936709-1892662786-3840804712-315762
|
||||
|
|
2
test/fixtures/cmd/security-identifier-guests
vendored
2
test/fixtures/cmd/security-identifier-guests
vendored
|
@ -1,4 +1,4 @@
|
|||
Node,Name,SID
|
||||
Domain,Name,SID
|
||||
|
||||
|
||||
Computer1,Guests,S-1-5-32-546
|
||||
|
|
|
@ -1,3 +1,3 @@
|
|||
Node,
|
||||
Domain,
|
||||
|
||||
|
||||
|
|
|
@ -565,12 +565,12 @@ class MockLoader
|
|||
"(New-Object System.Security.Principal.SecurityIdentifier(\"S-1-5-32-544\")).Translate( [System.Security.Principal.NTAccount]).Value" => cmd.call("security-policy-sid-translated"),
|
||||
"(New-Object System.Security.Principal.SecurityIdentifier(\"S-1-5-32-555\")).Translate( [System.Security.Principal.NTAccount]).Value" => cmd.call("security-policy-sid-untranslated"),
|
||||
|
||||
# Windows SID calls
|
||||
'wmic useraccount where \'Name="Alice"\' get Name","SID /format:csv' => cmd.call("security-identifier-alice"),
|
||||
'wmic useraccount where \'Name="Bob"\' get Name","SID /format:csv' => cmd.call("security-identifier-unknown"),
|
||||
'wmic useraccount where \'Name="DontExist"\' get Name","SID /format:csv' => cmd.call("security-identifier-unknown"),
|
||||
'wmic group where \'Name="Guests"\' get Name","SID /format:csv' => cmd.call("security-identifier-guests"),
|
||||
'wmic group where \'Name="DontExist"\' get Name","SID /format:csv' => cmd.call("security-identifier-unknown"),
|
||||
# Windows SID calls with CimInstance
|
||||
"Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq 'Alice' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation" => cmd.call("security-identifier-alice"),
|
||||
"Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq 'Bob' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation" => cmd.call("security-identifier-unknown"),
|
||||
"Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID, SIDType | Where-Object { $_.Name -eq 'DontExist' -and $_.SIDType -eq 1 } | ConvertTo-Csv -NoTypeInformation" => cmd.call("security-identifier-unknown"),
|
||||
"Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID | Where-Object { $_.Name -eq 'Guests' -and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 } } | ConvertTo-Csv -NoTypeInformation" => cmd.call("security-identifier-guests"),
|
||||
"Get-CimInstance -ClassName Win32_Account | Select-Object -Property Domain, Name, SID | Where-Object { $_.Name -eq 'DontExist' -and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 } } | ConvertTo-Csv -NoTypeInformation" => cmd.call("security-identifier-unknown"),
|
||||
|
||||
# alpine package commands
|
||||
"apk info -vv --no-network | grep git" => cmd.call("apk-info-grep-git"),
|
||||
|
|
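Review bot: The unknown-account mocks added here (`'Bob'`, `'DontExist'`) all return the `security-identifier-unknown` fixture, which still carries a `Domain,` header row, so the resource's `split("\n")[1..-1]` never sees empty stdout in tests. `ConvertTo-Csv` normally emits nothing when the pipeline is empty, and in Ruby `[][1..-1]` is `nil`, so the following `.map` would likely raise on a real host for a missing account; this is worth confirming, then covering with a mock that returns empty output and guarding the resource with `(...[1..-1] || [])`. The two group keys also reproduce the `-and { $_.SIDType -eq 4 -or $_.SIDType -eq 5 }` script-block form verbatim, so these tests pin the command string rather than its filtering behaviour and will need new keys if that filter is corrected. None of the mocked names contains a quote character, so the interpolation of the name into the single-quoted PowerShell literal is not exercised either.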